Group Policy WMI Filtering was introduced with Windows XP, and is a great way to add a decision on when to apply a given group policy. WMI Filters, written in WMI Query Language (WQL), allow an administrator to specify a WMI-based query to filter the application of a GPO. WMI Filtering can be very useful when users or computers are located in a relatively flat OU structure in Active Directory, for example. WMI Filters can also allow you to apply specific policies based on server roles, operating system version, network configuration, and other criteria. Windows evaluates these filters in the following order of overall Group Policy Processing:
- Policies are located in hierarchy.
- The WMI Filters are checked.
- The security settings are checked.
- A policy is either filtered or applied depending on the results of the previous checks.
Breakdown: We locate all of the policies that exist in the user or computer’s Local, Site, Domain, and OU hierarchy. We then determine if the WMI Filter (if any are defined) returns TRUE. We then verify that the user or computer has both Read and Apply group policy permissions for the GPO. Once all of that is validated, the group policy is …